120506-2-step-my-final-words
Content ---- ---- ---- ---- ---- ---- So becasue you didnt pick a good password or make sure not to go to shady sites its carbines fault? The number one reason that people get their account information(email/password for website login) Is they go to shady sites and get a keylogger. This is a case of user error not carbine. | |} ---- ---- this post really lost me sorry ? I've never ever been hacked in any game over the last 10 years, I've more pro versions of defence than fort knox | |} ---- Yeah im confused myself at OPs comments now :huh: | |} ---- ---- ---- What case are you resting? As has been mentioned, 2-step was never about account security since they do have other things in place, it was about game security. The problems you've been seeing over the past couple of days by the 3+ returning people that have made posts about not being able to play are user generated problems, not Carbine generated problems. They didn't keep their seed code, so now they have to throw themselves at the mercy of Support. What exactly is Carbine supposed to do to fix people not writing down their seed code?(not looking forward to this happening to me, I forgot to do it too, but at least I understand it's a problem caused by me and not a problem caused by Carbine). | |} ---- ---- ---- ---- ---- ---- ---- ---- BINGO And that brings us back to why Chillia said we have 2-step in the first place! It's this statement I find misleading and worrying on the website How does the WildStar Authenticator work? First, you will log in to WildStar as normal, with your account name and password. Next, you’ll be asked for a six-digit numeric code from the authenticator. At this point, simply enter the code provided by the authenticator to proceed using your mouse (your numpad will be disabled during this step). Without this code, no one will be able to log in to your account. This effectively prevents attackers from unauthorized use of your account. | |} ---- ---- That's a grammar/semantics issue there. They are assuming you know they are talking about logging into the game client, which is what the 2-step gets tied to. 2-step is to keep people from logging into your game client, not your overall account. And considering the *cupcake* storm that seems to be brewing here, maybe they should change the wording of it all. And I'm not saying that in a completely snarky manner either(will not deny a little bit of snark though), because I do realize a lot of non-native English speakers play this game and I can see how that would be confusing to them. | |} ---- ---- Little Chua, the website Authenticates on an IP address, so the only one whom can authenticate someone through is if they have your Email account as well. | |} ---- way easier bypassed with man in the middle attacks then authenticators. Yes the IP protection is nice, and sometimes annoying; but it's far from secure. Whereas the 2-step authenticator is way more secure. It makes more sense to remove the IP check, and just extend the 2-step authentication to the site as well. Square and Blizzard do it as well, with good reason. | |} ---- ---- ---- ---- What are you talking about those were great times! | |} ---- The problem they are pointing out is that the authenticator only works for logging in and not on your account allowing people to place orders for CREDD, and other things from your account. Potentially not protecting your personal information which is available from the NCsoft website not from the game. Most other security keys required people to use it to log into the site and get into your account, as it also protects personal information and the possibility to have things put on credit cards saved in the system. Some others here seem to think how the 2 step authentication is implemented is great, but e-gold, e-peen and characters much less important than information that is potentially available through the log in site. On a side note if they implemented it preventing people logging into the site without their 2 step authentication... it would mean less threads whinging about it too. :o | |} ---- ---- I didn't save mine either. But thanks to all the people screeching about how it's Carbine's fault I know exactly what to do if I ever lose my phone. :lol: | |} ---- I'm not very tech savvy, I failed to write down my seed code when I attached 2-step to my game. But if I ever have to get it removed and reset, I don't see it as a wall. It's MY FAULT if I have to go through that headache, and I really don't see how Carbine should be the one that has all this *cupcake* thrown at them for it. Yea, I was talking to my husband about this the other day, and I told him to remind me if I ever need to remove it that I have to come make a post complaining about it :P | |} ---- ---- You're right, it was my fault! But this is Carbine problem, and the forum seems to have posts today of frustrated players as it did the first week the two step was introduced. All I did was pop in and give my thoughts on it. Carbine game and loss, not mine, I just log into another game (securely) and move on. I do have my seed code this time around (not sure if it still works, I have a different phone), I just won't bother with it at this point is all, that's how much I dislike that 2step. A perspective is all for a company that could use it, best of wishes and look forward to reading about your changes this 2015! | |} ---- How's it a Carbine problem that I forgot to write down my seed code and now I have to ask them to take it off if/when I need to have it removed? That's the part I'm not understanding, I really don't see why Carbine deserves to take the blame for this. | |} ---- ---- ---- If you want, you can deactivate your own authenticator (easily, since you have the authenticator), spin up a new authenticator code, and write down the new seed. That's what I did to avoid the potential hassle. I mean, there's only so much I can tell everyone who's having a 2FA problem in the case that they shut down their original device. It's a security layer, that's not the kind of thing that any company makes easy or automatic (that's when hackers actually do come after your account). I know it might annoy some returning players, but it does make me feel better that removing my authenticator without the code isn't something that can be done easily. | |} ---- Oh hey, thanks Vic :D Good to learn something new :D | |} ----